ºü¸¥ ¸Þ´º
  ¼¼±Ý°è»ê¼­/¿µ¼öÁõ ¹ß±Þ
  ¿ä±Ý ³³ºÎ/¹Ì³³ Á¶È¸
°øÁö ¹× ¾È³»
  °øÁö»çÇ×
  ÀÛ¾÷°øÁö
À̺¥Æ® ¹× ½Å±Ô¼­ºñ½º
  À̺¥Æ®
  ½Å±Ô ¼­ºñ½º
»ó´ã ¹× ¹®ÀÇ
  ÀÚÁÖ ¹¯´Â Áú¹®
  1:1Áú¹®°ú ´äº¯
  ¹®ÀǸÞÀÏ º¸³»±â
  °í°´»ó´ã ÀüÈ­¹øÈ£ ¾È³»
»ç¿ë¹ý ¾È³»
  ¼­ºñ½º »ç¿ë¹ý
°í°´ÀÇ ¼Ò¸®
  ĪÂùÇÕ´Ï´Ù
  Best ĪÂù»ç¿ø
  Á¦¾ÈÇÕ´Ï´Ù
  Á¦¾È ¹Ý¿µ ³»¿ª
BlueCGI ºÒ·®»ç¿ëÀÚ ½Å°í
ºí·çÀ¥ ÄÝ¹é ¼­ºñ½º

Ȩ > °øÁö ¹× ¾È³» > °øÁö»çÇ×
Á¦¸ñ [º¸¾È] 2¿ù MS Á¤±â º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í µî·ÏÀÏ 2011-02-09
³»¿ë

[MS11-003] Internet Explorer ´©Àû º¸¾È ¾÷µ¥ÀÌÆ®

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É

¡à ¼³¸í
  o °ø°³µÈ Ãë¾àÁ¡ 2°³¸¦ Æ÷ÇÔÇÑ ÃÑ 4°³ÀÇ Ãë¾àÁ¡¿¡ ´ëÇÑ º¸¾È¾÷µ¥ÀÌÆ®
  o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛÇÑ À¥ÆäÀÌÁö¸¦ »ç¿ëÀÚ°¡ ¿­¾îº¸µµ·Ï À¯µµÇÏ¿© ·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î
     ÀÓÀÇÀÇ ¿ø°ÝÄÚµå ½ÇÇà°¡´É
  o °ü·ÃÃë¾àÁ¡ :
    - CSS Memory Corruption Vulnerability - CVE-2010-3971
    - Uninitialized Memory Corruption Vulnerability - CVE-2011-0035
    - Uninitialized Memory Corruption Vulnerability - CVE-2011-0036
    - Internet Explorer Insecure Library Loading Vulnerability - CVE-2011-0038
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Internet Explorer 6 with Windows XP SP3
    - Internet Explorer 6 with Windows Pro x64 SP2
    - Internet Explorer 6 with Windows Server 2003 SP2
    - Internet Explorer 6 with Windows Server 2003 x64 SP2
    - Internet Explorer 6 with Windows Server 2003 SP2 for Itanium-based Systems
    - Internet Explorer 7 with Windows XP SP3
    - Internet Explorer 7 with Windows Pro x64 SP2
    - Internet Explorer 7 with Windows Server 2003 SP2
    - Internet Explorer 7 with Windows Server 2003 x64 SP2
    - Internet Explorer 7 with Windows Server 2003 SP2 for Itanium-based Systems
    - Internet Explorer 7 with Windows Vista SP1, SP2
    - Internet Explorer 7 with Windows Vista x64 SP1, SP2
    - Internet Explorer 7 with Windows Server 2008, SP2
    - Internet Explorer 7 with Windows Server 2008 x64, SP2
    - Internet Explorer 7 with Windows Server for Itanium-based Systems, SP2
    - Internet Explorer 8 with Windows XP SP3
    - Internet Explorer 8 with Windows XP Pro x64 SP2
    - Internet Explorer 8 with Windows Server 2003 SP2
    - Internet Explorer 8 with Windows Server 2003 x64 SP2
    - Internet Explorer 8 with Windows Vista SP1, SP2
    - Internet Explorer 8 with Windows Vista x64 SP1, SP2
    - Internet Explorer 8 with Windows Server 2008 SP1, SP2
    - Internet Explorer 8 with Windows Server 2008 x64 SP1, SP2
    - Internet Explorer 8 with Windows 7
    - Internet Explorer 8 with Windows 7 x64
    - Internet Explorer 8 with Windows Server 2008 R2 for x64
    - Internet Explorer 8 with Windows Server 2008 R2 for Itanium-based Systems
¡à ÇØ°áÃ¥ 
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-003.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-003.mspx

 

[MS11-004] Internet Information Services Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o IIS FTP ¼­ºñ½ºÀÇ FTP ¼­¹ö°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ FTP ¸í·ÉÀ» ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ¿ø°ÝÄÚµå½ÇÇàÀÌ
     °¡´ÉÇÑ Ãë¾àÁ¡ Á¸Àç
    ¡Ø IIS(Internet Information Services) : FTP, SMTP, NNTP, HTTP/HTTPS µîÀÇ ÇÁ·Î
        ÅäÄÝÀ» Áö¿øÇÏ´Â MSÀÇ ÀÎÅÍ³Ý Á¤º¸ ¼­ºñ½º
  o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ FTP ¸í·ÉÀ» Àü¼ÛÇÏ¿© ÀÓÀÇÀÇ ¿ø°ÝÄÚµå ½ÇÇà°¡´É
  o °ü·ÃÃë¾àÁ¡ :
    - IIS FTP Service Heap Buffer Overrun Vulnerability - CVE-2010-3972
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - IIS FTP 7.0, 7.5 on Windows Vista SP1, SP2
    - IIS FTP 7.0, 7.5 on Windows Vista x64 Edition SP1, SP2
    - IIS FTP 7.0, 7.5 on Windows Server 2008 for 32-bit Systems, SP2
    - IIS FTP 7.0, 7.5 on Windows Server 2008 for x64-based Systems, SP2
    - IIS FTP 7.5 on Windows 7 for 32-bit Systems
    - IIS FTP 7.5 on Windows 7 for x64-based Systems
    - IIS FTP 7.5 on Windows Server 2008 R2 for x64-based Systems
    - IIS FTP 7.5 on Windows Server 2008 R2 for Itanium-based Systems
  o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - IIS FTP 5.1 on Windows XP SP3
    - IIS FTP 5.1 on Windows XP Professional x64 Edition SP2
    - IIS FTP 6.0 on Windows Server 2003 SP2
    - IIS FTP 6.0 on Windows Server 2003 x64 Edition SP2
    - IIS FTP 6.0 on Windows Server 2003 with SP2 for Itanium-based Systems
    - IIS FTP 6.0 on Windows Vista SP1, SP2
    - IIS FTP 6.0 on Windows Vista x64 Edition SP1, SP2
    - IIS FTP 6.0 on Windows Server 2008 for 32-bit Systems, SP2
    - IIS FTP 6.0 on Windows Server 2008 for x64-based Systems, SP2
    - IIS FTP 6.0 on Windows Server 2008 for Itanium-based Systems, SP2

¡à ÇØ°áÃ¥ 
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-004.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-004.mspx

 

[MS11-005] Active Directory Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¼­ºñ½º°ÅºÎ ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¼­ºñ½º°ÅºÎ »óÅ·Π¸¸µé ¼ö ÀÖÀ½

¡à ¼³¸í
  o Active Directory ¼­¹ö°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÆÐŶÀ» ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ¼­ºñ½º°ÅºÎ Ãë¾àÁ¡ÀÌ ¹ß»ý
    ¡Ø Active Directory : À©µµ¿ì ¿î¿µÃ¼Á¦¿¡¼­ »ç¿ëÀÚ, »ç¿ëÀÚ ±×·ì, ³×Æ®¿÷ µ¥ÀÌÅÍ µîÀ» Çϳª·Î
       ÅëÇÕ °ü¸®ÇÏ´Â µð·ºÅ丮 ¼­ºñ½º
  o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÆÐŶÀ» Àü¼ÛÇÏ¿© ¼­ºñ½º°ÅºÎ ¹ß»ý°¡´É
  o °ü·ÃÃë¾àÁ¡ :
    - Active Directory SPN Validation Vulnerability - CVE-2011-0040
  o ¿µÇâ : ¼­ºñ½º°ÅºÎ
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Active Directory on Windows Server 2003 SP2
    - Active Directory on Windows Server 2003 x64 Edition SP2
    - Active Directory on Windows Server 2003 with SP2 for Itanium-based Systems
  o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - ADAM on Windows XP SP3
    - ADAM on Windows XP Professional x64 Edition SP2
    - ADAM on Windows Server 2003 SP2
    - ADAM on Windows Server 2003 x64 Edition SP2
    - AD LDS on Windows Vista SP1, SP2
    - AD LDS on Windows Vista x64 Edition SP1, SP2
    - AD, AD LDS on Windows Server 2008 for 32-bit Systems, SP2
    - AD, AD LDS on Windows Server 2008 for x64-based Systems, SP2
    - Windows Server 2008 for Itanium-based Systems, SP2
    - AD LDS on Windows 7 for 32-bit Systems
    - AD LDS on Windows 7 for x64-based Systems
    - AD, AD LDS Windows Server 2008 R2 for x64-based Systems
    - Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥ 
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-005.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-005.mspx

 

[MS11-006] Windows Shell Graphics Processor Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É

¡à ¼³¸í
  o Windows Shell Graphics Processor°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ À̹ÌÁö¸¦ ó¸®ÇÏ´Â °úÁ¤¿¡¼­
     ¿ø°ÝÄÚµå½ÇÇàÀÌ °¡´ÉÇÑ Ãë¾àÁ¡ Á¸Àç
    ¡Ø Windows Shell Graphics Processor : À©µµ¿ì ¿î¿µÃ¼Á¦¿¡¼­ Ž»ö±â¿¡ À̹ÌÁö
        ÆÄÀÏÀ» °£·«ÇÏ°Ô º¸¿©ÁÖ±â À§ÇØ »ç¿ëµÇ´Â ¸ðµâ
  o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ À̹ÌÁö ÆÄÀÏÀ» »ç¿ëÀÚ°¡ ¿­¾îº¸µµ·Ï À¯µµÇÏ¿© ·Î±×¿Â »ç¿ëÀÚ
     ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ¿ø°ÝÄÚµå ½ÇÇà°¡´É
  o °ü·ÃÃë¾àÁ¡ :
    - Windows Shell Graphics Processing Overrun Vulnerability - CVE-2010-3970
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista SP1, SP2
    - Windows Vista x64 Edition SP1, SP2
    - Windows Server 2008 for 32-bit Systems, SP2
    - Windows Server 2008 for x64-based Systems, SP2
    - Windows Server 2008 for Itanium-based Systems, SP2
  o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows 7 for 32-bit Systems
    - Windows 7 for x64-based Systems
    - Windows Server 2008 R2 for x64-based Systems
    - Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥ 
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-006.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-006.mspx

 

[MS11-007] OpenType Compact Font Format µå¶óÀ̹öÃë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o OpenType Compact Font Format µå¶óÀ̹ö°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÆùÆ®¸¦ ÀÌ¿ëÇÏ´Â °úÁ¤¿¡¼­
    ¿ø°ÝÄÚµå½ÇÇàÀÌ °¡´ÉÇÑ Ãë¾àÁ¡ Á¸Àç
    ¡Ø OpenType Compact Font Format : MS À©µµ¿ì¿Í ¾ÖÇà MAC ¿î¿µÃ¼°è¿¡¼­ »ç¿ëµÇ´Â
       Æ®·çŸÀÔ ÆùÆ® ÆÄÀÏ Çü½ÄÀ» È®ÀåÇÑ ±Û²Ã ÆÄÀÏ Çü½Ä
  o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÆùÆ®¸¦ »ç¿ëÀÚ°¡ »ç¿ëÇϵµ·Ï À¯µµÇÏ¿© ÀÓÀÇÀÇ ¿ø°ÝÄÚµå ½ÇÇà°¡´É
  o °ü·ÃÃë¾àÁ¡ :
    - OpenType Font Encoded Character Vulnerability - CVE-2011-0033
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista SP1, SP2
    - Windows Vista x64 Edition SP1, SP2
    - Windows Server 2008 for 32-bit Systems, SP2
    - Windows Server 2008 for x64-based Systems, SP2
    - Windows Server 2008 for Itanium-based Systems, SP2
    - Windows 7 for 32-bit Systems
    - Windows 7 for x64-based Systems
    - Windows Server 2008 R2 for x64-based Systems
    - Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥ 
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-007.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-007.mspx

 

[MS11-008] Microsoft Visio Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É

¡à ¼³¸í
  o Microsoft Visio°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ Visio ÆÄÀÏÀ» ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ¿ø°ÝÄÚµå½ÇÇàÀÌ °¡´ÉÇÑ
     Ãë¾àÁ¡ Á¸Àç
  o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ Visio ÆÄÀÏÀ» »ç¿ëÀÚ°¡ ¿­¾îº¸µµ·Ï À¯µµÇÏ¿© ·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î
    ÀÓÀÇÀÇ ¿ø°ÝÄÚµå ½ÇÇà°¡´É
  o °ü·ÃÃë¾àÁ¡ :
    - Visio Object Memory Corruption Vulnerability - CVE-2011-0092
    - Visio Data Type Memory Corruption Vulnerability - CVE-2011-0093
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Microsoft Visio 2002 SP2
    - Microsoft Visio 2003 SP3
    - Microsoft Visio 2007 SP2
  o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - Microsoft Visio 2010 (32-bit editions)
    - Microsoft Visio 2010 (64-bit editions)
    - Microsoft Visio 2007 Viewer
    - Microsoft Visio 2010 Viewer

¡à ÇØ°áÃ¥ 
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-008.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-008.mspx

 

[MS11-009] JScript/VBScript Scripting ¿£Áø Ãë¾àÁ¡À¸·Î ÀÎÇÑ Á¤º¸´©Ãâ ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇÑ Á¤º¸´©Ãâ

¡à ¼³¸í
  o JScript/VBScript Scripting ¿£ÁøÀÌ Æ¯¼öÇÏ°Ô Á¶ÀÛµÈ À¥ÆäÀÌÁö¸¦ ó¸®ÇÏ´Â °úÁ¤¿¡¼­ Á¤º¸´©Ãâ
    Ãë¾àÁ¡ÀÌ ¹ß»ý
  o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ À¥ÆäÀÌÁö¸¦ »ç¿ëÀÚ°¡ ¿­¾îº¸µµ·Ï À¯µµÇÏ¿© Á¤º¸´©Ã⠹߻ý°¡´É
  o °ü·ÃÃë¾àÁ¡ :
    - Scripting Engines Information Disclosure Vulnerability - CVE-2011-0031
  o ¿µÇâ : Á¤º¸´©Ãâ
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows 7 for 32-bit Systems
    - Windows 7 for x64-based Systems
    - Windows Server 2008 R2 for x64-based Systems
    - Windows Server 2008 R2 for Itanium-based Systems
  o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista SP1, SP2
    - Windows Vista x64 Edition SP1, SP2
    - Windows Server 2008 for 32-bit Systems, SP2
    - Windows Server 2008 for x64-based Systems, SP2
    - Windows Server 2008 for Itanium-based Systems, SP2

¡à ÇØ°áÃ¥ 
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-009.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-009.mspx

 

[MS11-010] Windows Client/Server Run-time Subsystem Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ»ó½Â ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Windows¿¡¼­ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀÌ ½ÇÇàµÇ´Â °úÁ¤ Áß, Client/Server Run-time
    SubsystemÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇØ ±ÇÇÑ»ó½ÂÀÌ ¹ß»ý
    ¡Ø Windows Client/Server Run-time Subsystem : Win32 ¼­ºê½Ã½ºÅÛÀÇ »ç¿ëÀÚ¸ðµå ºÎºÐÀ¸·Î
        ÄÜ¼Ö À©µµ¿ì, ½º·¹µåÀÇ »ý¼º/»èÁ¦ µî¿¡ °ü¿©Çϸç Ç×»ó ½ÇÇàµÇ¾î¾ß ÇÏ´Â ±âº»ÀûÀÎ ¼­ºê½Ã½ºÅÛ
  o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀ» »ç¿ëÀÚ°¡ ½ÇÇàÇϵµ·Ï À¯µµÇÏ¿© ±ÇÇÑ»ó½Â ¹ß»ý°¡´É
  o °ü·ÃÃë¾àÁ¡ :
    - CSRSS Elevation of Privilege Vulnerability - CVE-2011-0030
  o ¿µÇâ : ±ÇÇÑ»ó½Â
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
  o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows Vista SP1, SP2
    - Windows Vista x64 Edition SP1, SP2
    - Windows Server 2008 for 32-bit Systems, SP2
    - Windows Server 2008 for x64-based Systems, SP2
    - Windows Server 2008 for Itanium-based Systems, SP2
    - Windows 7 for 32-bit Systems
    - Windows 7 for x64-based Systems
    - Windows Server 2008 R2 for x64-based Systems
    - Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥ 
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-010.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-010.mspx

 

[MS11-011] Windows Kernel Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ»ó½Â ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Windows¿¡¼­ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀÌ ½ÇÇàµÇ´Â °úÁ¤ Áß, Windows Kernel
     ÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇØ ±ÇÇÑ»ó½ÂÀÌ ¹ß»ý
  o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀ» »ç¿ëÀÚ°¡ ½ÇÇàÇϵµ·Ï À¯µµÇÏ¿© ±ÇÇÑ»ó½Â ¹ß»ý°¡´É
  o °ü·ÃÃë¾àÁ¡ :
    - Driver Improper Interaction with Windows Kernel Vulnerability - CVE-2010-4398
    - Windows Kernel Integer Truncation Vulnerability - CVE-2011-0045
  o ¿µÇâ : ±ÇÇÑ»ó½Â
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista SP1, SP2
    - Windows Vista x64 Edition SP1, SP2
    - Windows Server 2008 for 32-bit Systems, SP2
    - Windows Server 2008 for x64-based Systems, SP2
    - Windows Server 2008 for Itanium-based Systems, SP2
    - Windows 7 for 32-bit Systems
    - Windows 7 for x64-based Systems
    - Windows Server 2008 R2 for x64-based Systems
    - Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥ 
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-011.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-011.mspx

 

[MS11-012] Windows Kernel-Mode µå¶óÀ̹ö Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ»ó½Â ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Windows¿¡¼­ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀÌ ½ÇÇàµÇ´Â °úÁ¤ Áß, Windows Kernel-Mode
    µå¶óÀ̹öÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇØ ±ÇÇÑ»ó½ÂÀÌ ¹ß»ý
  o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀ» »ç¿ëÀÚ°¡ ½ÇÇàÇϵµ·Ï À¯µµÇÏ¿© ±ÇÇÑ»ó½Â ¹ß»ý°¡´É
  o °ü·ÃÃë¾àÁ¡ :
    - Win32k Improper User Input Validation Vulnerability - CVE-2011-0086
    - Win32k Insufficient User Input Validation Vulnerability - CVE-2011-0087
    - Win32k Window Class Pointer Confusion Vulnerability - CVE-2011-0088
    - Win32k Window Class Improper Pointer Validation Vulnerability - CVE-2011-0089
    - Win32k Memory Corruption Vulnerability - CVE-2011-0090
  o ¿µÇâ : ±ÇÇÑ»ó½Â
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista SP1, SP2
    - Windows Vista x64 Edition SP1, SP2
    - Windows Server 2008 for 32-bit Systems, SP2
    - Windows Server 2008 for x64-based Systems, SP2
    - Windows Server 2008 for Itanium-based Systems, SP2
    - Windows 7 for 32-bit Systems
    - Windows 7 for x64-based Systems
    - Windows Server 2008 R2 for x64-based Systems
    - Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥ 
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-012.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-012.mspx

 

[MS11-013] Kerberos Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ»ó½Â ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Windows¿¡¼­ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¼­ºñ½º°¡ µ¿ÀÛÇÏ´Â °úÁ¤ Áß, KerberosÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇØ ±ÇÇÑ
    »ó½ÂÀÌ ¹ß»ý
    ¡Ø Kerberos : °³¹æµÈ ÄÄÇ»ÅÍ ³×Æ®¿öÅ© ³»¿¡¼­ ¼­ºñ½º ¿ä±¸¸¦ ÀÎÁõÇϱâ À§ÇÑ ¹æ¹ý
  o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¼­ºñ½º¸¦ »ç¿ëÀÚ°¡ »ç¿ëÇϵµ·Ï À¯µµÇÏ¿© ±ÇÇÑ»ó½Â ¹ß»ý°¡´É
  o °ü·ÃÃë¾àÁ¡ :
    - Kerberos Unkeyed Checksum Vulnerability - CVE-2011-0043
    - Kerberos Spoofing Vulnerability - CVE-2011-0091
  o ¿µÇâ : ±ÇÇÑ»ó½Â
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows 7 for 32-bit Systems
    - Windows 7 for x64-based Systems
    - Windows Server 2008 R2 for x64-based Systems
    - Windows Server 2008 R2 for Itanium-based Systems
  o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows Vista SP1, SP2
    - Windows Vista x64 Edition SP1, SP2
    - Windows Server 2008 for 32-bit Systems, SP2
    - Windows Server 2008 for x64-based Systems, SP2
    - Windows Server 2008 for Itanium-based Systems, SP2

¡à ÇØ°áÃ¥ 
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-013.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-013.mspx

 

[MS11-014] Local Security Authority Subsystem Service Ãë¾àÁ¡À¸·Î ÀÎÇÑ ·ÎÄñÇÇÑ»ó½Â ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Windows¿¡¼­ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀÌ ½ÇÇàµÇ´Â °úÁ¤ Áß, Local Security Authority
    Subsystem ServiceÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇØ ·ÎÄñÇÇÑ»ó½ÂÀÌ ¹ß»ý
    ¡Ø Local Security Authority Subsystem Service : ·ÎÄà º¸¾È, µµ¸ÞÀÎ ÀÎÁõ, ¿¢Æ¼ºê µð·ºÅ丮
       ¼­ºñ½º ÇÁ·Î¼¼½º µîÀ» °ü¸®Çϱâ À§ÇÑ ÀÎÅÍÆäÀ̽º¸¦ Á¦°øÇÏ´Â ¼­ºñ½º
  o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀ» »ç¿ëÀÚ°¡ ½ÇÇàÇϵµ·Ï À¯µµÇÏ¿© ·ÎÄñÇÇÑ»ó½Â ¹ß»ý°¡´É
  o °ü·ÃÃë¾àÁ¡ :
    - LSASS Length Validation Vulnerability - CVE-2011-0039
  o ¿µÇâ : ·ÎÄñÇÇÑ»ó½Â
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
  o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows Vista SP1, SP2
    - Windows Vista x64 Edition SP1, SP2
    - Windows Server 2008 for 32-bit Systems, SP2
    - Windows Server 2008 for x64-based Systems, SP2
    - Windows Server 2008 for Itanium-based Systems, SP2
    - Windows 7 for 32-bit Systems
    - Windows 7 for x64-based Systems
    - Windows Server 2008 R2 for x64-based Systems
    - Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥ 
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-014.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-014.mspx

¿øº» : http://www.krcert.or.kr



Á¤º¸º¸È£¾ÈÀüÁø´ÜÇÊÁõ ȹµæ Çѱ¹ÀÎÅͳÝÁøÈï¿ø °øÀÎ µµ¸ÞÀÎ µî·Ï´ëÇàÀÚ tucows kt idc sk idc
 
ºí·çÀ¥
¢ßÀ¯´ÏÆÄÀÌ ¼­¿ïƯº°½Ã ¼ºµ¿±¸ ±¤³ª·ç·Î 144, ´õ ½ºÆäÀ̽º Ÿ¿ö 7Ãþ, 13Ãþ (º»Á¡)
´ëÇ¥ÀÌ»ç : ÀÓ¼ºÈ£ »ç¾÷ÀÚµî·ÏÁõ¹øÈ£ : 106-81-85951 Åë½ÅÆǸž÷ ½Å°í¹øÈ£ : °­³² 3315È£ °³ÀÎÁ¤º¸º¸È£Ã¥ÀÓÀÚ : ÀÌÃæÈñ
Copyright¨Ï Blueweb All rights Reserved.